<?php
ini_set('max_execution_TIME', 600);
include("dbconfig.php");


$examp = $_REQUEST["q"]; 

$page = $_REQUEST['page']; 
$limit = $_REQUEST['rows']; 
$sidx = $_REQUEST['sidx']; 
$sord = $_REQUEST['sord']; 
if(!$sidx) $sidx =1;
$style=-1;
//ËÑË÷Óë³õÊŒ»¯Ê±ºòŽ«³öµÄ²ÎÊý

if(isset($_GET["style"]))
	{
	$style = $_GET['style'];
	}
else{
	$style= 0;
	}
	//echo $style;
if(isset($_GET["time_mask"]))
	{
	$time_mask = $_GET['time_mask'];
	}
else{
	$time_mask= '';
	}

if(isset($_GET["nm_mask"]))
	{
	$nm_mask = $_GET['nm_mask'];
	}
else{
	$nm_mask= '';
	}
if(isset($_GET["id_mask"]))
	{
	$id_mask = $_GET['id_mask'];
	}
else{
	$id_mask= '';
	}
if(isset($_GET["real_mask"]))
	{
	$real_mask = $_GET['real_mask'];
	}
else{
	$real_mask= '';
	}


if(isset($_GET["from_mask"]))
   {
	$from_mask = $_GET['from_mask'];
	}
else{
	$from_mask = '';
	}
if(isset($_GET["to_mask"]))
   {
	$to_mask = $_GET['to_mask'];
	}
else{
	$to_mask = '';
	} 
	
if($style==0)
{
$where = " WHERE 1=1";
if($from_mask!='')
	$where.= " AND regtime >='$from_mask%'";
if($to_mask!='')
	$where.= " AND regtime <='$to_mask%'";
if($id_mask!='')
    $where.= " AND idnum like '%$id_mask%'";
if($nm_mask!='')
    $where.= " AND username like '%$nm_mask%'";
if($real_mask!='')
    $where.= " AND realname like '%$real_mask%'";

$db = mysql_pconnect($dbhost, $dbuser, $dbpassword)
or die("Connection Error: " . mysql_error());

mysql_select_db($database) or die("Error conecting to db.");
mysql_query("SET names UTF8");
$SQL ="select * from tmp_userinfo ".$where;
$result = mysql_query($SQL);
if (!$result) echo "SQLERR".mysql_error();
$count = mysql_num_rows($result);

if( $count >0 ) {
	$total_pages = ceil($count/$limit);
} else {
	$total_pages = 0;
}
if ($page > $total_pages) $page=$total_pages;
if ($limit<0) $limit = 0;
$start = $limit*$page - $limit; // do not put $limit*($page - 1)
if ($start<0) $start = 0;
$SQL ="select * from tmp_userinfo ".$where." ORDER BY $sidx $sord LIMIT $start , $limit";
//echo $SQL;
$result = mysql_query( $SQL ) or die("Couldnt execute query.".mysql_error());
$responce->page = $page;
$responce->total = $total_pages;
$responce->records = $count;
$i=0;

while($row = mysql_fetch_array($result,MYSQL_ASSOC)) {
	 $responce->rows[$i]['ID']=$row[id];
	 $userid=$row[userid];
#    $cipher = MCRYPT_DES;
#    $modes = MCRYPT_MODE_ECB;
#    $iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher,$modes),MCRYPT_RAND);
#    $idpic= mcrypt_decrypt($cipher,$userid,$row[idpic],$modes,$iv);
     if ($row[userstatus]==0) $row[userstatus]="未通过";
      else $row[userstatus]="通过";
    $responce->rows[$i]['cell']=array($row[id],$row[regtime],$row[username],$row[realname],$row[userstatus],$row[address],$row[mobile],$row[email],$row[idnum],"null",$row[idpic]);
    $i++;
} 

echo json_encode($responce);
mysql_close($db);

}

else if($style==2)
{
   $db = mysql_pconnect($dbhost, $dbuser, $dbpassword)
   or die("Connection Error: " . mysql_error());

   mysql_select_db($database) or die("Error conecting to db.");
   	switch ($_REQUEST['oper']) {
		case 'del':
			delete();
			break;
		case 'edit':
			update($_POST);
			break;
		default:
			break;
	}
	mysql_close($db);
} 

function delete(){
		 $id=$_REQUEST['id'];
		 $var=explode(",",$id);
		 $len=count($var);
		 for ($i=0;$i<$len;$i++)
		 {
		 $sql="Delete from tmp_userinfo where id='$var[$i]'";
		 $result =mysql_query ($sql); 
		 if (!$result) echo "SQLERR".mysql_error();
		 }			 
	    }

function update($data) {
        echo $id;
		  $id=$_REQUEST['ID'];
		  $userstatus=$_REQUEST['TYPE'];
		 if($userstatus==1){
		 #$sql="Update userinfo set userstatus='$userstatus' where id='$id'";
		 mysql_query("SET names UTF8");
		 $sql="select * from tmp_userinfo where id= '$id' ";
		 $result =mysql_query ($sql);
		 if (!$result) echo "SQLERR".mysql_error();
       $row = mysql_fetch_array($result,MYSQL_ASSOC);
        $sql="Insert into userinfo (username,userid,password,idnum,idpic,realname,email,mobile,telephone,address,workplace,job,pswfind,regtime)".
        "values ('$row[username]','$row[userid]','$row[password]','$row[idnum]','$row[idpic]','$row[realname]','$row[email]','$row[mobile]','$row[telephone]','$row[address]','$row[workplace]','$row[job]','$row[pswfind]','$row[regtime]')";

        $result =mysql_query ($sql);
        $sql="Delete from tmp_userinfo where id='$id'";
		 $result =mysql_query ($sql);
		  for($i=0;$i<4;$i++){
             $sql="Insert into riskvalue(userid,name,value,alarm) values('$row[userid]','$i',0,'00')";
               $result =mysql_query ($sql);
             $sql="Insert into alarminfo(userid,rank,content,suggestion) values('$row[userid]','$i','','')";
               $result =mysql_query ($sql);
             }
		 }

	 }


?>
